modules/programs/ssh: knownHosts -> extraKnownHosts

Taeer Bar-Yam 2022-01-19 08:48:41 -05:00
parent 42d3974dbd
commit 8fa2e787f1


@ -17,7 +17,7 @@ let
exec ${askPassword} "$@" exec ${askPassword} "$@"
''; '';
knownHosts = map (h: getAttr h cfg.knownHosts) (attrNames cfg.knownHosts); knownHosts = attrValues cfg.knownHosts;
knownHostsText = (flip (concatMapStringsSep "\n") knownHosts knownHostsText = (flip (concatMapStringsSep "\n") knownHosts
(h: assert h.hostNames != []; (h: assert h.hostNames != [];
@ -142,7 +142,7 @@ in
knownHosts = mkOption { knownHosts = mkOption {
default = {}; default = {};
type = types.attrsOf (types.submodule ({ name, ... }: { type = types.attrsOf (types.submodule ({ name, config, ... }: {
options = { options = {
certAuthority = mkOption { certAuthority = mkOption {
type = types.bool; type = types.bool;
@ -154,12 +154,21 @@ in
}; };
hostNames = mkOption { hostNames = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ name ] ++ config.extraHostNames;
description = '' description = ''
DEPRECATED, please use <literal>extraHostNames</literal>.
A list of host names and/or IP numbers used for accessing A list of host names and/or IP numbers used for accessing
the host's ssh service. the host's ssh service.
''; '';
}; };
extraHostNames = mkOption {
type = types.listOf types.str;
default = [];
description = ''
A list of additional host names and/or IP numbers used for
accessing the host's ssh service.
'';
};
publicKey = mkOption { publicKey = mkOption {
default = null; default = null;
type = types.nullOr types.str; type = types.nullOr types.str;
@ -186,9 +195,6 @@ in
''; '';
}; };
}; };
config = {
hostNames = mkDefault [ name ];
};
})); }));
description = '' description = ''
The set of system-wide known SSH hosts. The set of system-wide known SSH hosts.
@ -196,13 +202,10 @@ in
example = literalExpression '' example = literalExpression ''
{ {
myhost = { myhost = {
hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ]; extraHostNames = [ "myhost.mydomain.com" "10.10.1.4" ];
publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub;
}; };
myhost2 = { "myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK";
hostNames = [ "myhost2" ];
publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub;
};
} }
''; '';
}; };
@ -275,6 +278,9 @@ in
message = "knownHost ${name} must contain either a publicKey or publicKeyFile"; message = "knownHost ${name} must contain either a publicKey or publicKeyFile";
}); });
warnings = mapAttrsToList (name: _: ''programs.ssh.knownHosts.${name}.hostNames is deprecated use programs.ssh.knownHosts.${name}.extraHostNames'')
(filterAttrs (name: {hostNames, extraHostNames, ...}: hostNames != [ name ] ++ extraHostNames) cfg.knownHosts);
# SSH configuration. Slight duplication of the sshd_config # SSH configuration. Slight duplication of the sshd_config
# generation in the sshd service. # generation in the sshd service.
environment.etc."ssh/ssh_config".text = environment.etc."ssh/ssh_config".text =
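Review bot: The deprecation warning added just above the `# SSH configuration` comment steers users to `extraHostNames`, but with `default = [ name ] ++ config.extraHostNames` that migration also makes the attribute name itself a host name the key is accepted for, and the only way to leave it out is the option now marked DEPRECATED. For entries with `certAuthority = true` this presumably widens the set of names the CA is trusted for; the known_hosts line generation lies outside the visible hunks, so that should be confirmed there. I would state the behaviour in the `extraHostNames` description, e.g. `Host names and/or IP numbers accepted for this key in addition to the attribute name.`, and either keep `hostNames` supported as the explicit override or mention the changed host list in the warning text. The warning string itself is also missing punctuation; `...hostNames is deprecated, use ...extraHostNames instead` reads more clearly.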